Find a Question:

Researchers at the security and protection company Check Point discovered a large-scale malicious software campaign on the official Android software store called Google Play. This malware is called Judy, an automatic adware type, Point the largest malicious software campaign found on Google Play Store.

The company found the software Judy in 41 applications published by Korea-based Kiniwini, published under the name Enistudio Corp, where malware uses infected devices to generate large amounts of fraudulent clicks on ads, Revenues for the people behind them.

These malicious applications have received a high penetration rate of 4.5 million to 18.5 million downloads. The company explained that a number of these applications have existed for years in the store Google Play has been updated recently, and it is unclear how long the malicious code within Those applications, so the actual spread of malicious software is unknown.

The company also found many applications containing malware, developed by other developers on the Google Play store, and the relationship between the two campaigns is still unclear, where one of the campaigns may have borrowed malicious code from the other knowingly or without knowledge.

The second campaign was last updated in April 2016, meaning that malware code had been on the Google Play store for a long time, revealing that the total malware spread was between 8.5 million and 36.5 Million users.

Judy, along with other malware found in the Google Play store like FalseGuide and Skinner, relies on the C & C command and control server to run them, and these applications were quickly removed from Google Play after CheckPoint reported Google’s threat.

Kiniwini is developing software for the Android and iOS operating systems. The security and protection company notes that it has not noticed any problems with IOS applications, and 45 applications from ENISTUDIO Corp are in Apple’s App Store. Most of them were on 31 March.